PT-2021-23153 · Nextcloud
Bncrypted · Published 2021-10-25 · Updated 2022-10-25
CVE-2021-41178
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
- Nextcloud versions prior to 20.0.13
- Nextcloud versions prior to 21.0.5
- Nextcloud versions prior to 22.2.0
Description
A path traversal vulnerability in Nextcloud allows an authenticated attacker to download arbitrary SVG images from the host system, including user-provided files. This could be leveraged into an XSS/phishing attack by uploading a malicious SVG file that mimics the Nextcloud login form and sending a specially crafted link to victims. However, the XSS risk is mitigated by Nextcloud's strict Content-Security-Policy, which disallows execution of arbitrary JavaScript.
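To make the flaw class concrete, here is an added illustration that is not Nextcloud code and not part of this advisory: a lexical containment check for a "download image by name" endpoint, shown beside the unchecked join that lets ".." segments reach files outside the intended directory, together with the kind of response headers that deny a user-supplied SVG script execution even when it is served. The base directory, the endpoint shape and the header values are assumptions chosen for the example.

```python
import posixpath
from urllib.parse import unquote

# Added illustration, not Nextcloud code. The base directory is an assumption.
IMAGE_DIR = "/var/www/app/img"


class PathTraversalError(ValueError):
    """Raised when a requested name would resolve outside the allowed directory."""


def vulnerable_join(base_dir: str, requested: str) -> str:
    """The unchecked pattern: trusts the caller-supplied name as a relative path.

    '..' segments survive normalisation and walk out of base_dir, which is the
    behaviour the advisory describes (any SVG on the host becomes downloadable).
    """
    return posixpath.normpath(posixpath.join(base_dir, unquote(requested)))


def safe_join(base_dir: str, requested: str) -> str:
    """Return an absolute path strictly under base_dir, or raise PathTraversalError.

    Lexical only: decodes percent-encoding once, rejects NUL bytes and absolute
    paths, normalises '.' and '..', then checks component-wise that the result
    is still inside base_dir (so '/img2' is not mistaken for a child of '/img').
    Symlinks are not considered; resolve with os.path.realpath on a real system.
    """
    decoded = unquote(requested)
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in requested name")
    if posixpath.isabs(decoded):
        raise PathTraversalError("absolute paths are not allowed")
    base = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(base, decoded))
    if candidate == base or posixpath.commonpath([base, candidate]) != base:
        raise PathTraversalError(f"{requested!r} resolves outside {base_dir}")
    return candidate


def is_contained(base_dir: str, requested: str) -> bool:
    """Boolean form of safe_join, convenient for tests and logging."""
    try:
        safe_join(base_dir, requested)
        return True
    except PathTraversalError:
        return False


def svg_response_headers(path: str) -> dict:
    """Headers for serving a user-supplied SVG without granting it script execution.

    Assumed values in the spirit of the strict policy the advisory credits with
    limiting the XSS impact: no script or external sources, no MIME sniffing,
    and delivery as a download rather than as an inline document.
    """
    raw_name = posixpath.basename(path)
    # Keep the filename header well-formed: only a conservative character set.
    safe_name = "".join(c for c in raw_name if c.isalnum() or c in "._-") or "image.svg"
    return {
        "Content-Type": "image/svg+xml",
        "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'",
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
    }


def handle_download(requested: str) -> tuple:
    """Simulated endpoint: returns (status, headers, resolved_path).

    Traversal attempts and non-SVG names both map to 404 so the response does
    not reveal whether a file exists outside the served directory.
    """
    try:
        path = safe_join(IMAGE_DIR, requested)
    except PathTraversalError:
        return 404, {}, None
    if not path.lower().endswith(".svg"):
        return 404, {}, None
    return 200, svg_response_headers(path), path


if __name__ == "__main__":
    # Constructed sample requests: one legitimate name and two traversal attempts.
    for name in ("logo.svg", "../../data/user/files/fake-login.svg", "..%2F..%2Fetc%2Fpasswd"):
        print(f"{name!r}: unchecked -> {vulnerable_join(IMAGE_DIR, name)}, "
              f"guarded -> HTTP {handle_download(name)[0]}")
```

The containment test uses `posixpath.commonpath` rather than a string prefix comparison because a prefix check accepts `/var/www/app/img2/...` as being under `/var/www/app/img`; the component-wise comparison does not.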
Recommendations
- Upgrade to version 20.0.13 or later
- Upgrade to version 21.0.5 or later
- Upgrade to version 22.2.0 or later
There are no known workarounds aside from upgrading.
Fix
Weakness types: Unrestricted File Upload, Relative Path Traversal, Path traversal
Related Identifiers
CVE-2021-41178
Affected Products
Nextcloud, Suse